By Jason Miller
July 17, 2007
The Office of Management and Budget and the Homeland Security Department
today explained 10 common mistakes agencies make when securing data and
personal information and offered a host of best practices to correct
In a new paper, Common Risks Impeding the Adequate Protection of
Government Information , OMB and DHS discuss common problems in areas
such as training, contracting and records management.
OMB and DHS developed this paper as a part of the Presidents Identity
Theft Task Force recommendations.
All of the best practices and important resources are interrelated, and
they can help agencies address the risks associated with information
security and privacy programs, said Karen Evans, OMBs administrator for
information technology and e-government.
In the paper, OMB and DHS recommend agencies take steps to protect data.
These include tailoring training to employees with significant security
and privacy responsibilities, incorporating the Federal Acquisition
Regulation language into all contracts and agreements and developing a
standard operating procedure that describes how to identify and report
suspicious activities or incidents.
The paper also provides resources from OMB, DHS and the National
Institute of Standards and Technology for agencies to refer to when
implementing the best practices.
Attend Black Hat USA, July 28-August 2 in Las Vegas,
the world's premier technical event for ICT security
experts. Featuring 30 hands-on training courses and
90 Briefings presentations with lots of new content
and new tools. Network with 4,000 delegates from
70 nations. Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on
June 1 so register today. http://www.blackhat.com